package validator

import (
	"context"
	"testing"
)

// TestAlwaysApprove_Name locks the sentinel identifier that audit
// filters and dashboards key on. Changing it is a breaking change
// for any downstream filter.
//
// TestAlwaysApprove_Name 锁定审计过滤器和 dashboard 依赖的哨兵标识.
// 修改是下游 filter 的 breaking change.
func TestAlwaysApprove_Name(t *testing.T) {
	if got := (AlwaysApprove{}).Name(); got != "always-approve" {
		t.Errorf("Name() = %q, want %q", got, "always-approve")
	}
}

// TestAlwaysApprove_ValidateApproves confirms Approved=true, no error,
// and that the returned Verdict carries the audit-visible identity
// fields (ValidatorName / PolicyVersion / Reason).
//
// TestAlwaysApprove_ValidateApproves 确认 Approved=true, 无错误, 且
// Verdict 带上审计可见的身份字段 (ValidatorName / PolicyVersion / Reason).
func TestAlwaysApprove_ValidateApproves(t *testing.T) {
	v := AlwaysApprove{}
	diff := DiffInput{SourceTool: "any", Raw: []byte(`{"whatever":1}`)}

	verdict, err := v.Validate(context.Background(), diff)
	if err != nil {
		t.Fatalf("unexpected error: %v", err)
	}
	if !verdict.Approved {
		t.Error("AlwaysApprove must return Approved=true")
	}
	if verdict.ValidatorName != "always-approve" {
		t.Errorf("ValidatorName = %q, want %q", verdict.ValidatorName, "always-approve")
	}
	if verdict.PolicyVersion == "" {
		t.Error("PolicyVersion must be set (audit replay depends on it)")
	}
	if verdict.Reason == "" {
		t.Error("Reason must be set (audit log needs human-readable opt-out explanation)")
	}
}

// TestAlwaysApprove_SeverityEmpty verifies Severity is deliberately
// empty: AlwaysApprove asserts "no judgement", so downstream
// VerdictSinks (e.g. the circuit breaker) can treat the sample as a
// clean success rather than a warn.
//
// TestAlwaysApprove_SeverityEmpty 验证 Severity 刻意留空: AlwaysApprove
// 断言 "不做评价", 下游 VerdictSink (如熔断器) 可把样本当干净 success
// 而非 warn.
func TestAlwaysApprove_SeverityEmpty(t *testing.T) {
	verdict, _ := AlwaysApprove{}.Validate(context.Background(), DiffInput{})
	if verdict.Severity != "" {
		t.Errorf("Severity must be empty for no-judgement semantics, got %q", verdict.Severity)
	}
}

// TestAlwaysApprove_IgnoresDiff confirms the Validator does not depend
// on DiffInput contents -- same verdict for empty diff and for
// pathological inputs.
//
// TestAlwaysApprove_IgnoresDiff 确认 Validator 不依赖 DiffInput 内容 --
// 空 diff 和病理输入产出相同 verdict.
func TestAlwaysApprove_IgnoresDiff(t *testing.T) {
	cases := []DiffInput{
		{},
		{SourceTool: "", Raw: nil},
		{SourceTool: "SQLCAS", Raw: []byte{0x00, 0xff}},
		{Metadata: map[string]any{"affected_rows": 99999}},
	}
	for i, diff := range cases {
		verdict, err := AlwaysApprove{}.Validate(context.Background(), diff)
		if err != nil || !verdict.Approved {
			t.Errorf("case %d: got approved=%v err=%v, want approved=true err=nil", i, verdict.Approved, err)
		}
	}
}